AW: [Full-Disclosure] Internet Explorer 6 DoS Bug

Michael Linke ml at intract.org
Mon Jul 7 22:59:36 BST 2003 

I can duplicate it here at a German Windows XP Pro with IE
6.0.2800.1106.xpsp2.030422-1633. The IE is full frozen. 



> -----Ursprüngliche Nachricht-----
> Von: full-disclosure-admin at lists.netsys.com [mailto:full-disclosure-
> admin at lists.netsys.com] Im Auftrag von Joe Hummel
> Gesendet: Montag, 7. Juli 2003 20:35
> An: fabian.becker2 at epost.de
> Cc: full-disclosure at lists.netsys.com; 'KF'
> 
> I can not duplicate this either, and did not get any prompts, just a
> default page stating "The page cannot be displayed".  I am Internet
> Explorer 6 (6.0.2800.1106.xpsp2.030422-1633).
> 
> Regards,
> Joe Hummel
> 
> 
> 
> -----Original Message-----
> From: full-disclosure-admin at lists.netsys.com
> [mailto:full-disclosure-admin at lists.netsys.com] On Behalf Of KF
> Sent: Monday, July 07, 2003 9:19 AM
> To: fabian.becker2 at epost.de
> Cc: full-disclosure at lists.netsys.com
> Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug
> 
> 
> I can NOT duplicate this on IE 6.0.2800.1106.xpsp2-030422-1633.... it
> simply asks me to open or save the file... if I choose open with notepad
> 
> for example ... nothing odd happens... notepad says function not found.
> If I try to save the file to disk it says "aux This filename is a
> reserved device name please choose another name". I tryed searching for
> what to open the file with on the ms extension search thing and also
> came up with nothing odd...
> 
> What *exact* version of IE do you use?
> 
> -KF
> 
> fabian.becker2 at epost.de wrote:
> 
> >Hi,
> >I found a bug in IE6 ón Windows XP with all Service Packs and Patches
> >installed: If you enter C:\aux in the adressline of the IE (not
> >EXPLORER, InternetExplorer) and hit enter, the window will freeze. This
> 
> >bug is simmilar to C:\con\con but not as dagerous. But its the same
> >reason, naimly that windows trys to open aux, a hardware device in
> >earlier windows versions. I already sended an email to Microsoft but
> >they said the bug wouldn't exist.
> >
> >Bye
> >
> >Fabian Becker (www.neonomicus.ionichost.com) fabian.becker2 at epost.de
> >
> >
> >
> >
> >________________________________________
> >Mehr Power für Ihre eMail - mit den neuen Leistungspaketen bei
> >http://www.epost.de
> >
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Full-Disclosure is hosted and sponsored by Secunia.